mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2025-12-08 07:23:10 -06:00
Code Issues Packages Projects Releases Wiki Activity

Improve documentation and naming

Browse source
This commit is contained in:
Sijmen Schoon 2023-01-27 16:08:17 +01:00 committed by KuhnChris
parent 4cca740ecf
commit 923f47c3a8
3 changed files with 19 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
clientapi/auth/login_application_service.go
View file

@ -45,7 +45,7 @@ func (t *LoginTypeApplicationService) LoginFromJSON(
return nil, nil, err return nil, nil, err
} }
_, err := internal.ValidateApplicationService(t.Config, r.Identifier.User, t.Token) _, err := internal.ValidateApplicationServiceRequest(t.Config, r.Identifier.User, t.Token)
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }

2
clientapi/routing/register.go
View file

@ -772,7 +772,7 @@ func handleApplicationServiceRegistration(
// Check application service register user request is valid. // Check application service register user request is valid.
// The application service's ID is returned if so. // The application service's ID is returned if so.
appserviceID, err := internal.ValidateApplicationService( appserviceID, err := internal.ValidateApplicationServiceRequest(
cfg, r.Username, accessToken, cfg, r.Username, accessToken,
) )
if err != nil { if err != nil {

39
internal/validate.go
View file

@ -129,23 +129,25 @@ func userIDIsWithinApplicationServiceNamespace(
userID string, userID string,
appservice *config.ApplicationService, appservice *config.ApplicationService,
) bool { ) bool {
var local, domain, err = gomatrixserverlib.SplitID('@', userID) var localpart, domain, err = gomatrixserverlib.SplitID('@', userID)
if err != nil { if err != nil {
// Not a valid userID // Not a valid userID
return false return false
} }
if !cfg.Matrix.IsLocalServerName(domain) { if !cfg.Matrix.IsLocalServerName(domain) {
// This is a federated userID
return false return false
} }
if appservice.SenderLocalpart == local { if localpart == appservice.SenderLocalpart {
// This is the application service bot userID
return true return true
} }
// Loop through given application service's namespaces and see if any match // Loop through given application service's namespaces and see if any match
for _, namespace := range appservice.NamespaceMap["users"] { for _, namespace := range appservice.NamespaceMap["users"] {
// AS namespaces are checked for validity in config // Application service namespaces are checked for validity in config
if namespace.RegexpObject.MatchString(userID) { if namespace.RegexpObject.MatchString(userID) {
return true return true
} }
@ -172,26 +174,19 @@ func userIDMatchesMultipleExclusiveNamespaces(
return false return false
} }
// UsernameMatchesExclusiveNamespaces will check if a given username matches any // ValidateApplicationServiceRequest checks if a provided application service
// application service's exclusive users namespace // token corresponds to one that is registered, and, if so, checks if the
func UsernameMatchesExclusiveNamespaces( // supplied userIDOrLocalpart is within that application service's namespace.
//
// As long as these two requirements are met, the matched application service
// ID will be returned. Otherwise, it will return a JSON response with the
// appropriate error message.
func ValidateApplicationServiceRequest(
cfg *config.ClientAPI, cfg *config.ClientAPI,
username string, userIDOrLocalpart string,
) bool {
userID := userutil.MakeUserID(username, cfg.Matrix.ServerName)
return cfg.Derived.ExclusiveApplicationServicesUsernameRegexp.MatchString(userID)
}
// validateApplicationService checks if a provided application service token
// corresponds to one that is registered. If so, then it checks if the desired
// username is within that application service's namespace. As long as these
// two requirements are met, no error will be returned.
func ValidateApplicationService(
cfg *config.ClientAPI,
username string,
accessToken string, accessToken string,
) (string, *util.JSONResponse) { ) (string, *util.JSONResponse) {
localpart, domain, err := userutil.ParseUsernameParam(username, cfg.Matrix) localpart, domain, err := userutil.ParseUsernameParam(userIDOrLocalpart, cfg.Matrix)
if err != nil { if err != nil {
return "", &util.JSONResponse{ return "", &util.JSONResponse{
Code: http.StatusUnauthorized, Code: http.StatusUnauthorized,
@ -223,7 +218,7 @@ func ValidateApplicationService(
return "", &util.JSONResponse{ return "", &util.JSONResponse{
Code: http.StatusBadRequest, Code: http.StatusBadRequest,
JSON: jsonerror.ASExclusive(fmt.Sprintf( JSON: jsonerror.ASExclusive(fmt.Sprintf(
"Supplied username %s did not match any namespaces for application service ID: %s", username, matchedApplicationService.ID)), "Supplied username %s did not match any namespaces for application service ID: %s", userIDOrLocalpart, matchedApplicationService.ID)),
} }
} }
@ -232,7 +227,7 @@ func ValidateApplicationService(
return "", &util.JSONResponse{ return "", &util.JSONResponse{
Code: http.StatusBadRequest, Code: http.StatusBadRequest,
JSON: jsonerror.ASExclusive(fmt.Sprintf( JSON: jsonerror.ASExclusive(fmt.Sprintf(
"Supplied username %s matches multiple exclusive application service namespaces. Only 1 match allowed", username)), "Supplied username %s matches multiple exclusive application service namespaces. Only 1 match allowed", userIDOrLocalpart)),
} }
} }